Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 5:24 p.m.4 views

CVE-2020-11969

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS9.3AI score0.01111EPSS
Exploits0References1
NVD
NVDadded 2023/04/03 8:15 a.m.16 views

CVE-2023-26269

Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...

7.8CVSS7.9AI score0.01164EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/04/03 12:0 a.m.3 views

PT-2023-20578 · Apache · Apache James Server

Name of the Vulnerable Software and Affected Versions: Apache James server versions 3.7.3 and earlier Description: The issue allows privilege escalation by a malicious local user due to the JMX management service being provided without authentication by default. Administrators are advised to take...

7.8CVSS7.8AI score0.01164EPSS
Exploits0References12
Tenable Nessus
Tenable Nessusadded 2020/12/02 12:0 a.m.34 views

Apache Cassandra 1.2.x <= 1.2.19 / 2.0.x <= 2.0.13 / 2.1.x <= 2.1.3 RCE

The default configuration in Apache Cassandra running on the remote host version 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 bound an unauthenticated JMX/RMI interface to all network interfaces. A remote attacker able to access the RMI, an API for the transport and remote...

7.5CVSS8.9AI score0.00667EPSS
Exploits0References3
Cvelist
Cvelistadded 2018/06/28 4:0 p.m.17 views

CVE-2018-8016

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request. This issue is a regression of CVE-2015-0225. The regression was introduced in...

9.7AI score0.00609EPSS
Exploits0References1
CVE
CVEadded 2018/06/28 4:0 p.m.102 views

CVE-2018-8016

CVE-2018-8016 affects Apache Cassandra 3.8–3.11.1, where the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, allowing a remote attacker to execute arbitrary Java code via an RMI request. This is a regression of CVE-2015-0225, introduced in CASSANDRA-121...

9.8CVSS9.5AI score0.00609EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2015/04/03 2:0 p.m.15 views

CVE-2015-0225

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request...

9.8AI score0.00667EPSS
Exploits0References6
Rows per page
Query Builder